IBM Security Bulletin: Denial of Service vulnerability in IBM Spectrum Protect (formerly Tivoli Storage Manager) Client, IBM Spectrum Protect for Virtual Environments: Data Protection for VMware, and IBM Spectrum Protect for Space Management (CVE-2018-1550)
Sep 24, 2018 9:01 am EDT
Categorized: Medium Severity
Share this post:
The IBM Spectrum Protect (formerly Tivoli Storage Manager) Client, IBM Spectrum Protect: Data Protection for VMware, and IBM Spectrum Protect for Space Management could allow a local user to corrupt or delete sensitive information that could cause a denial of service.
CVE(s): CVE-2018-1550
Affected product(s) and affected version(s):
This security exposure affects the following products and levels:
- IBM Spectrum Protect (formerly Tivoli Storage Manager) Client levels:
– 8.1.2.0 through 8.14.2 (Macintosh)
8.1.2.0 through 8.1.4.1 (All other platforms)
– 7.1.8.0 through 7.1.8.2 - IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage Manager for Virtual Environments): Data Protection for VMware levels:
– 8.1.2.0 through 8.1.4.1
– 7.1.8.0 through 7.1 8.2 - IBM Spectrum Protect for Space Management (formerly Tivoli Storage Manager for Space Management)
– 8.1.2.0 through 8.1.4.1
– 7.1.8.0 through 7.1.8.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10719401
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142696
from IBM Product Security Incident Response Team https://ift.tt/2I9c9OK